CVE-2024-23610
Out of Bounds Write Due to Missing Bounds Check in LabVIEW
In short
LabVIEW has a flaw that allows writing data outside memory boundaries when processing specially crafted files, potentially letting attackers run malicious code if a user opens a compromised file.
Technical detail
An out-of-bounds write vulnerability exists due to missing bounds validation in LabVIEW's VI file processing. Attack vector requires user interaction (opening a malicious VI file); successful exploitation enables arbitrary code execution in the context of the LabVIEW process. Affects LabVIEW 2024 Q1 and earlier versions.
Summary generated and translated by AI from the official description.
An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
NI · LabVIEWWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →